Claim Amendments 

The claims in the Application comprise the following: 

1. (Original) A communications security system to prevent transfer of selected 
communication transactions from an untrustworthy network to a trustworthy 
network, comprising: 

a server, connected to the untrustworthy network, that maintains a database 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

a portal, connected between the untrustworthy network and the trusted 
network, that: 

selectively transfers the database of protection rules from said server via 
said untrustworthy network; 

receives a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applies each of the protection rules to the received communication 
transaction; and 

prevents the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

2. (Original) The security system of claim 1 wherein the transfer of the database 
from the server to the portal is via a secure protocol. 

3. (Original) The security system of claim 1: 

wherein each of said protection rules may be a selected one of two classes, 
exclusion or guard; and 

wherein the portal: 

prevents the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the 
exclusion class; but 

selectively transfers the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the guard 
class. 

4. (Original) The security system of claim 3 wherein the portal selectively 
transfers to the server at least a portion of each received communication 
transaction identified to be a respective one of the selected communication 
transactions. 

5. (Original) The security system of claim 4 wherein the server, in response to 
receiving said portion of a communication transaction identified to be a 
respective one of the selected communication transactions by a protection rule of 
the guard class, analyzes said portion to determine if said communication 
transaction represents a security threat to the trustworthy network, and, if it is so 
determined, constructs a new protection rule of the exclusion class and adds said 
new protection rule to said database. 

6. (Original) The security system of claim 5 wherein the server analyzes said 
portion using an expert system. 

7. (Original) The security system of claim 6 wherein the server constructs said 
new protection rule using the expert system. 

8. (Original) The security system of claim 7 wherein the expert system is guided 
by a human expert. 

9. (Original) The security system of claim 4 wherein the server, in response to 
receiving said portion of a communication transaction identified to be a 
respective one of the selected communication transactions by a protection rule of 
the guard class, provides said portion to a human expert to determine if said 
communication transaction represents a security threat to the trustworthy 
network, receives new protection rules from said human expert, and adds said 
new protection rules to said database. 

10. (Original) A communications security method to prevent transfer of selected 
communication transactions from an untrustworthy network to a trustworthy 
network, comprising: 

at a server, connected to the untrustworthy network, maintaining a database 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

at a portal, connected between the untrustworthy network and the trusted 
network: 

selectively transferring the database of protection rules from said server 
via said untrustworthy network; 

receiving a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applying each of the protection rules to the received communication 
transaction; and 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

11. (Original) The security method of claim 10 wherein the transfer of the 
database from the server to the portal is via a secure protocol. 

12. (Original) The security method of claim 10: 

wherein each of said protection rules may be a selected one of two classes, 
exclusion or guard; and 

wherein, at the portal, the step of preventing is further characterized as: 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the 
exclusion class; but 

selectively transferring the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the guard 
class. 

13. (Original) The security method of claim 12 further comprising, at the portal: 

selectively transferring to the server at least a portion of each received 
communication transaction identified to be a respective one of the 
selected communication transactions. 

14. (Original) The security method of claim 13 further comprising, at the server: 

receiving said portions of said communication transactions identified to be a 
respective one of the selected communication transactions; and 

in response to receiving said portion of a communication transaction 
identified to be a respective one of the selected communication 
transactions by a protection rule of the guard class, analyzing said 
portion to determine if said communication transaction represents a 
security threat to the trustworthy network, and, if it is so determined, 
constructing a new protection rule of the exclusion class and adding said 
new protection rule to said database. 

15. (Original) The security method of claim 14 further including, at the server: 
analyzing said portion using an expert system. 

16. (Original) The security method of claim 15 wherein, at the server, the step of 
constructing the new protection rule is further characterized as: 

constructing said new protection rule using the expert system. 

17. (Original) The security method of claim 16 wherein, at the server, the expert 
system is guided by a human expert. 

18. (Original) The security method of claim 13 further comprising, at the server: 

receiving said portions of said communication transactions identified to be a 
respective one of the selected communication transactions; and 

in response to receiving said portion of a communication transaction 
identified to be a respective one of the selected communication 
transactions by a protection rule of the guard class, providing said 
portion to a human expert to determine if said communication 
transaction represents a security threat to the trustworthy network, 
receiving new protection rules from said human expert, and adding said 
new protection rules to said database. 

19. (Original) A portal for use in a communications security system to prevent 
transfer of selected communication transactions from an untrustworthy network 
to a trustworthy network, the security system including a server, connected to 
the untrustworthy network, that maintains a database of protection rules, each of 
which, when applied to a communication transaction, identifies that 
communication transaction to be a respective one of the selected communication 
transactions, the portal, when connected between the untrustworthy network 
and the trusted network: 

selectively transferring the database of protection rules from said server 
via said untrustworthy network; 

receiving a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applying each of the protection rules to the received communication 
transaction; and 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

20. (Currently amended) A server for use in a communications security system to 
prevent transfer of selected communication transactions from an untrustworthy 
network to a trustworthy network via a portal, the server, when connected to the 
untrustworthy network: 

maintaining a database of protection rules, each of which, when applied to a 
communication transaction, identifies that communication transaction to 
be a respective one of the selected communication transactions; and 

upon request by said portal selectively transferring the database of 
protection rules via said untrustworthy network to said portal for 
application by said portal to each communication transaction received by 
said portal to prevent the transfer of the received communication 
transaction to the trustworthy network by the portal if a protection rule, 
when applied by the portal, identifies the received communication 
transaction to be a respective one of the selected communication 
transactions. 

21. (Previously presented) A communications security system to prevent transfer 
of selected communication transactions from an untrustworthy network to a 
trustworthy network, comprising: 

a server, connected to the untrustworthy network, that maintains a plurality 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

a portal, connected between the untrustworthy network and the trusted 
network, that: 

cooperates with the server to transfer the database of protection rules 
from said server to the portal via said untrustworthy network; 

receives a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applies each of the protection rules to the received communication 
transaction; and 

selectively transfers to the server at least a portion of the received 
communication transaction via the untrustworthy network if a 
protection rule identifies the received communication transaction to 
be a respective one of the selected communication transactions. 

22. (Previously presented) A portal for use in a communications security system 
to selectively transfer a communication transaction in accordance with a 
protection rule maintained by a server, the portal: 

transferring the protection rule from said server; 

receiving the communication transaction; 

applying the protection rule to the received communication transaction; 

preventing the transfer of the received communication transaction if 
required by the protection rule; and 

selectively transferring to the server at least a portion of the received 
communication transaction even if the protection rule allows transfer of 
the received communication transaction. 

23. (Previously presented) A communications security method wherein a portal 
selectively transfers a communication transaction in accordance with a first 
protection rule maintained by a server, comprising: 

transferring the first protection rule from said server to the portal; 

receiving at the portal the communication transaction; 

applying at the portal the first protection rule to the communication 
transaction; 

preventing at the portal the transfer of the communication transaction if 
required by the first protection rule; 

selectively transferring from the portal to the server at least a portion of the 
communication transaction even if the first protection rule allows 
transfer of the communication transaction; and 

selectively creating at the server a second protection rule in response to said 
portion of the communication transaction. 
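
The portal/server loop recited in claims 1 and 3 to 5, as an added illustrative sketch that is not part of the Application: every class, function and rule name below is hypothetical, and the sample transactions are constructed. It assumes a guard hit is always transferred, that the reported portion is the first 16 bytes, and that the derived exclusion rule is a plain substring match on that portion.

```python
from dataclasses import dataclass
from typing import Callable

EXCLUSION, GUARD = "exclusion", "guard"   # the two rule classes of claim 3

@dataclass(frozen=True)
class Rule:
    name: str
    cls: str
    matches: Callable[[bytes], bool]      # True: transaction is a "selected" one

class Server:
    """Maintains the rule database and analyzes portions reported by the portal."""
    def __init__(self, rules, is_threat):
        self.rules = list(rules)
        self.is_threat = is_threat        # stand-in for expert system / human expert

    def report(self, rule, portion):
        # Claim 5: a guard hit judged a threat produces a new exclusion rule.
        name = f"auto:{portion!r}"
        if (rule.cls == GUARD and self.is_threat(portion)
                and all(r.name != name for r in self.rules)):
            self.rules.append(Rule(name, EXCLUSION, lambda t, s=portion: s in t))

class Portal:
    PORTION = 16                          # assumed size of the reported portion

    def __init__(self, server):
        self.server, self.rules = server, []

    def sync(self):
        # Claim 1: fetch the rule database (secure transport of claim 2 not modeled).
        self.rules = list(self.server.rules)

    def handle(self, txn):
        """Return True if txn is passed on to the trustworthy network."""
        hits = [r for r in self.rules if r.matches(txn)]    # apply every rule
        for r in hits:
            self.server.report(r, txn[:self.PORTION])       # claim 4
        return not any(r.cls == EXCLUSION for r in hits)    # claim 3

def demo():
    server = Server([Rule("known-bad", EXCLUSION, lambda t: b"BADSIG" in t),
                     Rule("watch-macros", GUARD, lambda t: t.startswith(b"MACRO:"))],
                    is_threat=lambda p: b"autorun" in p)
    portal = Portal(server)
    portal.sync()
    txn = b"MACRO:autorun payload-7"                        # constructed sample
    first = portal.handle(txn)       # guard hit: transferred, portion reported
    portal.sync()                    # portal picks up the derived exclusion rule
    return first, portal.handle(txn), portal.handle(b"hello"), len(server.rules)
```

The first guard-class hit reaches the trustworthy network; protection against the same transaction begins only after the portal next transfers the rule database.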